Default storage convertor + Hashicorp Vault - Data not decrypted on read #48

@KarlAustin

Hi,

Plugin: 1.3.8 (The shipped 1.3.0 is the same).
Rundeck: 4.11

Using the default shipped storage convertor setup of jasypt-encryption, we are seeing that data gets encrypted on the way in to the vault, but does not appear to be getting decrypted on the way back out.

We are storing SSH Keys and Passphrases in Vault for use with the SSHJ-SSH NodeExecutor (same issue with the OpenSSH one as well), and the keys when fetched back from Vault are not recognised due to still being encrypted.

If we disable the convertor and re-write the keys so they get saved plain, then everything works as expected.

It seems we're not the only ones seeing this: rundeck/rundeck#8205

Steps to reproduce:

  • Install Rundeck from Deb
  • Install Vault plugin
  • Configure Vault
  • Try to use Private Key & Passphrase from storage

Thanks.
